A key is a piece of information that controls the cryptographic
process and permits an encrypted string to be decoded. In fact, the key
you chose will provide the only means to decode data that was
encrypted with that key, so not only must you choose the key carefully,
you must never change it if you intend use it for persistent data.

It goes without saying that you should guard your key carefully. Should
someone gain access to your key, the data will be easily decoded. If
your server is not totally under your control it’s impossible to ensure
key security so you may want to think carefully before using it for
anything that requires high security, like storing credit card numbers.

To take maximum advantage of the encryption algorithm, your key should
be 32 characters in length (256 bits). The key should be as random a
string as you can concoct, with numbers and uppercase and lowercase
letters. Your key should not be a simple text string. In order to be
cryptographically secure it needs to be as random as possible.

Your key can be either stored in your application/config/config.php, or
you can design your own storage mechanism and pass the key dynamically
when encoding/decoding.

To save your key to your application/config/config.php, open the file
and set:

It’s important for you to know that the encoded messages the encryption
function generates will be approximately 2.6 times longer than the
original message. For example, if you encrypt the string “my super
secret data”, which is 21 characters in length, you’ll end up with an
encoded string that is roughly 55 characters (we say “roughly” because
the encoded string length increments in 64 bit clusters, so it’s not
exactly linear). Keep this information in mind when selecting your data
storage mechanism. Cookies, for example, can only hold 4K of
information.

Enables you to re-encode data that was originally encrypted with
CodeIgniter 1.x to be compatible with the Encrypt library in
CodeIgniter 2.x. It is only necessary to use this method if you have
encrypted data stored permanently such as in a file or database and are
on a server that supports Mcrypt. “Light” use encryption such as
encrypted session data or transitory encrypted flashdata require no
intervention on your part. However, existing encrypted Sessions will be
destroyed since data encrypted prior to 2.x will not be decoded.

Important

Why only a method to re-encode the data instead of maintaining legacy
methods for both encoding and decoding? The algorithms in the
Encrypt library have improved in CodeIgniter 2.x both for performance
and security, and we do not wish to encourage continued use of the older
methods. You can of course extend the Encryption library if you wish and
replace the new methods with the old and retain seamless compatibility
with CodeIgniter 1.x encrypted data, but this a decision that a
developer should make cautiously and deliberately, if at all.

$new_data=$this->encrypt->encode_from_legacy($old_encrypted_string);

Parameter

Default

Description

$orig_data

n/a

The original encrypted data from CodeIgniter 1.x’s Encryption library

$legacy_mode

MCRYPT_MODE_ECB

The Mcrypt mode that was used to generate the original encrypted data.
CodeIgniter 1.x’s default was MCRYPT_MODE_ECB, and it will assume that
to be the case unless overridden by this parameter.

$key

n/a

The encryption key. This it typically specified in your config file as
outlined above.